Hey Dale, I just took a quick look at bzlite and it seems it's using HTTP and does not allow HTTPS at all. Let's try to figure out how we can get this hosted on a strong HTTPS setup. I suppose folks from opsec (CCd) can help you with that as well. Considering that most first dogfooders will have interesting bugzilla credentials (e.g. security permissions), we shouldn't let their login flow go over bzlite and HTTP. (Even though it already uses HTTPS when talking to Bugzilla).
[Blocking Requested - why for this release]:
blocking-b2g: --- → spark?
Yeh this is being working on 1150824, cheers
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 1150824
blocking-b2g: spark? → 2.5?
You need to log in before you can comment on or make changes to this bug.